Get Channel Authentication Capabilities 命令详情
更新时间:2025/06/26
在Gitcode上查看源码修订记录
| openUBMC版本号 | 修订日期 | 修订人 | 修订内容 |
|---|---|---|---|
| 25.06 | 2025/06/26 | pengqiang-gs | 初稿,新增命令详情 |
基本信息
功能说明
标准命令,获取当前通道或者指定通道的鉴权算法支持信息。 This command is used to retrieve capability information about the channel that the message is delivered over, or for a particular channel. The command returns the authentication algorithm support for the given privilege level.
权限
Unspecified
命令信息
请求信息
| 字节顺序 | 域取值说明 |
|---|---|
| 1 | Channel Number [7] 1b = get IPMI v2.0+ extended data. If the given channel supports authentication but does not support RMCP+ (e.g. a serial channel), then the Response data should return with bit [5] of byte 4 = 0b, byte 5 should return 01h, 0b = Backward compatible with IPMI v1.5. Response data only returns bytes 1:9, bit [7] of byte 3 (Authentication Type Support) and bit [5] of byte 4 returns as 0b, bit [5] of byte byte 5 returns 00h. [6:4] - reserved [3:0] - channel number. 0h-Bh, Fh = channel numbers Eh = retrieve information for channel this request was issued on |
| 2 | Requested Maximum Privilege Level [7:4] - reserved [3:0] - requested privilege level 0h = reserved 1h = Callback level 2h = User level 3h = Operator level 4h = Administrator level 5h = OEM Proprietary level |
响应信息
| 字节顺序 | 域取值说明 |
|---|---|
| 1 | Completion Code |
| 2 | Channel Number Channel number that the Authentication Capabilities is being returned for. If the channel number in the request was set to Eh, this will return the channel number for the channel that the request was received on |
| 3 | Authentication Type Support Returns the setting of the Authentication Type Enable field from the configuration parameters for the given channel that corresponds to the Requested Maximum Privilege Level. [7] 1b = IPMI v2.0+ extended capabilities available. See Extended Capabilities field, below. 0b = IPMI v1.5 support only. [6] - reserved [5:0] -IPMI v1.5 Authentication type(s) enabled for given Requested Maximum Privilege Level All bits 1b = supported 0b = authentication type not available for use. [5] - OEM proprietary (per OEM identified by the IANA OEM ID in the RMCP Ping Response) [4] - straight password / key [3] - reserved [2] - MD5 [1] - MD2 [0] - none |
| 4 | [7:6] - reserved [5] - KG status (two-key login status). Applies to v2.0/RMCP+ RAKP Authentication only. Otherwise, ignore as ‘reserved’. 0b = KG is set to default (all 0’s). User key KUID will be used in place of KG in RAKP. (Knowledge of KG not required for activating session.) 1b = KG is set to non-zero value. (Knowledge of both KG and user password (if not anonymous login) required for activating session.) Following bits apply to IPMI v1.5 and v2.0: [4] - Per-message Authentication status 0b = Per-message Authentication is enabled. Packets to the BMC must be authenticated per Authentication Type used to activate the session, and User Level Authentication setting, following. 1b = Per-message Authentication is disabled. Authentication Type ‘none’ accepted for packets to the BMC after the session has been activated. [3] - User Level Authentication status 0b = User Level Authentication is enabled. User Level commands must be authenticated per Authentication Type used to activate the session. 1b = User Level Authentication is disabled. Authentication Type ‘none’ accepted for User Level commands to the BMC. [2:0] - Anonymous Login status This parameter returns values that tells the remote console whether there are users on the system that have ‘null’ usernames. This can be used to guide the way the remote console presents login options to the user. (see IPMI v1.5 specification sections 6.9.1, ‘Anonymous Login’ Convention and 6.9.2, Anonymous Login ) [2] 1b = Non-null usernames enabled. (One or more users are enabled that have non-null usernames). [1] 1b = Null usernames enabled (One or more users that have a null username, but non-null password, are presently enabled) [0] 1b = Anonymous Login enabled (A user that has a null username and null password is presently enabled) |
| 5 | For IPMI v1.5: - reserved For IPMI v2.0+: - Extended Capabilities [7:2] -reserved [1] - 1b = channel supports IPMI v2.0 connections. [0] - 1b = channel supports IPMI v1.5 connections. |
| 6:8 | OEM ID IANA Enterprise Number for OEM/Organization that specified the particular OEM Authentication Type for RMCP. Least significant byte first. Return 00h, 00h, 00h if no OEM authentication type available. |
| 9 | OEM auxiliary data. Additional OEM-specific information for the OEM Authentication Type for RMCP. Return 00h if no OEM authentication type available. |
命令样例
样例1:获取当前BMC的会话鉴权属性
- 请求:
- 响应: